A New Approach to Reasoning About Accountability in Cryptographic Protocols for E-Commerce

  • Chapter
E-Commerce Security and Privacy

Part of the book series: Advances in Information Security (ADIS, volume 2)

Abstract

This chapter presents a generic belief logic and demonstrates how it can be used to reason about accountability in cryptographic protocols for electronic commerce. First, we explain why the analysis of accountability properties can be treated in terms of belief. Unlike logics proposed earlier to deal with accountability, our logic uses more general logical terms instead of the specific predicate “canprove”. We argue that the essence of accountability is the ability to “make” someone “believe” something, and that the notion of “make” is just another modal operator in a generic belief logic. We then describe our belief logic and present an axiomatization system for analyzing cryptographic protocols for e-commerce. Finally, we illustrate with two examples how our logic can be used for our intended purpose.




© 2001 Springer Science+Business Media New York

About this chapter

Cite this chapter

Wang, H., Varadharajan, V., Zhang, Y. (2001). A New Approach to Reasoning About Accountability in Cryptographic Protocols for E-Commerce. In: Ghosh, A.K. (eds) E-Commerce Security and Privacy. Advances in Information Security, vol 2. Springer, Boston, MA. https://doi.org/10.1007/978-1-4615-1467-1_7


  • DOI: https://doi.org/10.1007/978-1-4615-1467-1_7

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4613-5568-7

  • Online ISBN: 978-1-4615-1467-1

  • eBook Packages: Springer Book Archive
